search for: ssl_op_msie_sslv2_rsa_pad

Displaying 2 results from an estimated 2 matches for "ssl_op_msie_sslv2_rsa_pad".

2005 Oct 11
0
FreeBSD Security Advisory FreeBSD-SA-05:21.openssl
...r version of the protocol (SSLv3) to end up using the older version of the protocol (SSLv2). II. Problem Description In order to provide bug-for-bug compatibility with Microsoft Internet Explorer 3.02, a verification step required by the Secure Sockets Layer protocol can be disabled by using the SSL_OP_MSIE_SSLV2_RSA_PADDING option in OpenSSL. This option is implied by the frequently-used SSL_OP_ALL option. III. Impact If the SSL_OP_MSIE_SSLV2_RSA_PADDING option is enabled in a server application using OpenSSL, an attacker who is able to intercept and tamper with packets transmitted between a client and the serv...
2005 Oct 11
10
FreeBSD Security Advisory FreeBSD-SA-05:21.openssl
...r version of the protocol (SSLv3) to end up using the older version of the protocol (SSLv2). II. Problem Description In order to provide bug-for-bug compatibility with Microsoft Internet Explorer 3.02, a verification step required by the Secure Sockets Layer protocol can be disabled by using the SSL_OP_MSIE_SSLV2_RSA_PADDING option in OpenSSL. This option is implied by the frequently-used SSL_OP_ALL option. III. Impact If the SSL_OP_MSIE_SSLV2_RSA_PADDING option is enabled in a server application using OpenSSL, an attacker who is able to intercept and tamper with packets transmitted between a client and the serv...